README.rst - pee - Pee a password manager;Pee - because you have to...
(HTM) git clone git://vernunftzentrum.de/pee.git
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) LICENSE
---
README.rst (4696B)
---
1 Pee - A password manager...because you have to
2 ==============================================
3
4 This is the README file for pee a password store/manager for the command line.
5
6 Pee will help you choose a secure password for every website or login you need.
7 Pee will also suggest a randomly choosen username, with Firstname_Lastname taken from http://deron.meranda.us/data/.
8 You can annotate the password with additional hints, such as password recovery or other "security" questions.
9 The passwords are stored in an encrypted password store.
10 The contents are encrypted using a passphrase.
11
12 Pee will protect you against the password storage getting lost.
13 Pee will not protect you against an attacker that can access all of your computer's RAM.
14 Pee will not protect you against keyloggers as the passphrase to your store will be logged.
15
16 Pee will output the password on the console by default.
17
18 If you want to have it available for copy and paste, you should use an external program like xsel.
19
20 Dependencies
21 ------------
22
23 Pee is written in `CHICKEN Scheme (version 5)`__, the cryptography parts are provided by the tweetnacl egg.
24 The BLAKE2s_ code has been taken verbatim from the reference implementations and is included in the pee source code.
25 Other eggs pee depends on are: srfi-1, srfi-4, getopt-long, matchable and stty.
26
27 .. _BLAKE2s: https://github.com/BLAKE2/BLAKE2.git
28 __ https://www.call-cc.org
29
30 Installing
31 ----------
32
33 After unpacking the source build it using the CHICKEN 5 Scheme compiler::
34
35 $ ./compile.sh
36
37 This will create some version info files that get integrated into the executable and calls chicken-install
38 for fetching dependencies and building a static version of pee.
39 The compile script will attempt to clean up if the build fails.
40 If you have cloned from the git repo, a git clean -f -d will do that for you.
41
42 Using Pee
43 ---------
44
45 A sample session::
46
47 $ pee -i
48 Using database file /home/ckeen/.passdb
49 I will ask you twice for the passphrase to encrypt the password store with.
50 Enter passphrase:
51 Enter passphrase:
52 Password store /home/ckeen/.passdb initialised.
53 $ pee -a t
54 Using database file /home/ckeen/.passdb
55 Enter passphrase:
56 Username [Karey_Zepeda43]:
57 Mode all chars, Length 25 chars, entropy 161 bits
58 )!.#ZBR2.Zwia<.X#[N<-/C~j Mode alpha-numeric, Length 27 chars, entropy 160 bits
59 scBUOVEibGRECh7IwZI7NBQyaAx
60 Mode easy-to-read, Length 25 chars, entropy 157 bits
61 p&?X^E&BlR~FIfYVs=?%+IqSy
62 Mode some-funny-chars, Length 25 chars, entropy 157 bits
63 -Gyoka9zev@CPbN6f0!df-&QZ
64 Mode some-funny-chars, Length 31 chars, entropy 194 bits
65 2zoR4An)wKFNkQnDk4-+mOW-&zP-CzC
66 Mode some-funny-chars, Length 36 chars, entropy 226 bits
67 fphUdPCi7-d64%^2$8/-Fz1v7a5Q1JUsz|s3
68 Comment: my secret site password
69 Entry for t added.
70 $
71
72 Cryptography
73 ------------
74
75 The key is derived using the BLAKE2s_ key derivation function.
76 For symmertric encryption the tweetnacl library is used.
77
78 If running on OpenBSD, passwords are generated using OpenBSD's `arc4random()`__ RNG.
79 If running on linux /dev/urandom will be used as a source of random bytes.
80 If running on any other OS /dev/random will be used as a source for random bytes.
81 Passwords are choosen from this set of characters "abcdefhijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890!@#$%^&*()-=~?/\|+,:.<>{}[]".
82 There are currently several password modes available that substract a subset of the above character set.
83
84 The modes are::
85
86 '(("all chars" . "")
87 ("alpha-numeric" . "!@#$%^&*()-=~?/\|+,:.<>{}[]")
88 ("easy-to-read" . "l1o0I|!ji")
89 ("some-funny-chars" . "|\\[]{}<>~&")))
90
91
92
93
94 __ http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/arc4random.3
95
96 License
97 -------
98
99 The blake2s Hash function has been licensed under a Creative Commons CC0 1.0 Universal license.
100 The tweetnacl code is in the public domain.
101 The tweetnacl egg is BSD licensed.
102
103 The rest of the pee code comes with a OpenBSD (ISC like) license.
104
105 Copyright (c) 2016 Christian Kellermann <ckeen@pestilenz.org>
106
107 Permission to use, copy, modify, and distribute this software for any
108 purpose with or without fee is hereby granted, provided that the above
109 copyright notice and this permission notice appear in all copies.
110
111 THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
112 WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
113 MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
114 ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
115 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
116 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
117 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.